R&D Software Security Officer

We are seeking a SaaS Security and Data Privacy Officer to support Agilents ACG Services R&D organization. Reporting to the Associate Vice President of Services R&D this role acts as the security and privacy authority for our SaaS-based service products partnering closely with Engineering IT/ISRM Legal Product Management and Support.

You will provide technical leadership and practical governance to ensure our enterprise-grade software and SaaS platforms are designed built and operated with security privacy and resilience as first-class concernsparticularly as AI-enabled capabilities become core to our offerings.

As our SaaS services continue to scale globally this role ensures we meet customer regulatory and internal security expectations across an increasing number of products standards and deployment models.

Key Responsibilities

Product & Platform Security Leadership

• Serve as the security and data privacy owner across all ACG Services SaaS products including CLC Platform and ACE.
• Perform architectural and design reviews to ensure security-by-design principles are applied consistently.
• Provide formal security sign-off for software releases and major feature introductions.
• Oversee integrated code and dependency security assessments including vulnerability and penetration testing activities.

Compliance & Audit Management

• Own R&D adherence to security and compliance frameworks including ISO 27001 SOC 2 PCI-DSS and related customer security requirements.
• Partner with IT/ISRM and Support to prepare for and support internal and external audits customer questionnaires and assessments.
• Ensure consistent application of Agilents Secure Development Lifecycle Process (SDLP/SDPLC) across Services R&D.

Security Process & Capability Development

• Define document and continuously improve security processes spanning:
  • Secure software development
  • Access control and identity management
  • Provisioning and deprovisioning
  • Incident response and escalation
  • Business continuity and disaster recovery
• Lead R&D security training and awareness programs for engineering teams.

AI-Era Security & Risk Management

• Assess and integrate AI-aware security practices including:
  • Risk assessment of AI-enabled features
  • Secure use of models training data and inference pipelines
  • Alignment with emerging internal and external AI governance expectations
• Collaborate with cross-functional stakeholders to ensure responsible and compliant AI adoption in Services products.

Data Privacy Oversight

• Provide privacy assessment and oversight for new features and data use cases.
• Manage privacy-related documentation reviews and processes in partnership with Legal and Compliance.
• Conduct regular privacy audits and ensure timely remediation of identified gaps.

Required Qualifications

• Bachelors or Masters degree in Computer Science Computer Engineering or a related technical field.
• 8 Years of experience with demonstrated experience leading security and compliance for SaaS platforms in cloud-based environments.
• Strong working knowledge of security and compliance frameworks such as ISO 27001 SOC 2 NIST and GDPR.
• Experience embedding security practices into software development lifecycles and product release processes.
• Hands-on knowledge of:
  • Threat modeling and risk assessment techniques
  • Vulnerability management and penetration testing approaches
  • Secure architecture and design reviews
• Fluency in one or more common programming languages (e.g. Java JavaScript C# or C).
• Experience working effectively with global distributed engineering teams.
• Strong written and verbal communication skills with the ability to influence without authority.

Preferred Qualifications

• Experience securing AWS-based SaaS environments.
• Prior ownership of audit preparation and execution for ISO/SOC/PCI.
• Project or program management experience in security initiatives.
• Background as a senior contributor or leader within a software development organization.
• Familiarity with Agile development practices (Scrum or similar).
• CISSP or equivalent security certifications.